Security
- Fix an issue where blocklist bypass is possible when using curve P256 since the signature can have 2 valid representations.
Both fingerprint representations will be tested against the blocklist.
Any newly issued P256 based certificates will have their signature clamped to the low-s form.
Nebula will assert the low-s signature form when validating certificates in a future version. GHSA-69x3-g4r3-p962
Changed
- Improve error reporting if nebula fails to start due to a tun device naming issue. (#1588)